Introduction to Firewall in Linux-Based Systems - Essay Example

Extract of sample "Introduction to Firewall in Linux-Based Systems"

Firewall in Linux

In this paper, we give a short introduction to firewalls in Linux-based systems. We discuss how to use iptables to set firewall rules in a Linux environment, and we aim for an iptables firewall definition for a system that requires some special settings. We apply these rules to the Linux firewall and discuss how they impact the system. For more convenience and more security in the system, we also make the rest of the rules as security focused (and sensible) as possible.

Introduction

"iptables" is the Linux firewall, which has been a part of the kernel since version 2.4. It is often referred to as a packet filter, as it examines each packet transferred in every network connection to, from, and within your computer. iptables replaced ipchains in the 2.4 kernel and added many new features, including connection tracking (also known as stateful packet filtering).[1] In this article we will use iptables to build a simple but effective firewall for the following scenario:

- Full egress and ingress filtering.
- The machine has only one network connection, eth0.
- The machine runs ssh, telnet, apache, and qmail.
- It should be able to surf the web, send email and make DNS lookups.
- The apache user should not be allowed to surf the web.

1. Full egress and ingress filtering.

In order to implement this condition, we add these simple rules at the beginning of the filtering rules:

    :INPUT DROP [0:0]
    :FORWARD DROP [0:0]
    :OUTPUT DROP [0:0]

This means that the firewall is set to "deny all connections" by default, and to establish a connection between two points or two entities we have to explicitly add new rules for it. The term "INPUT" refers to any packet that is coming to this computer; "OUTPUT" means any packet that is generated by this computer and is leaving it. The term "FORWARD" refers to packets that arrive from another computer but whose final destination is yet another computer; in that case this computer is used to transit the packets between two different computers. The term "DROP" means that "the packet is not allowed through the firewall and the sender of the packet is not notified."[2]

2. The machine has only one network connection and it should be able to surf the web, send email and make DNS lookups.

In our firewall rule set, as shown in section one, all incoming and outgoing packets are dropped unless we add new rules that allow them. We allow the system to use only one connection by naming only one interface, "eth0", in the rules as follows:

    # allow connections to my DNS servers
    -A OUTPUT -d 2.3.4.11 -m state --state NEW -p udp --dport 53 -o eth0 -j ACCEPT
    # allow outgoing connections to web servers
    -A OUTPUT -d 0/0 -m state --state NEW -p tcp --dport http -o eth0 -j ACCEPT
    -A OUTPUT -m state --state NEW -p tcp --dport https -o eth0 -j ACCEPT
    # allow outgoing mail connections to my ISP's SMTP and POP3 server only
    -A OUTPUT -d 2.3.4.5 -m state --state NEW -p tcp --dport smtp -o eth0 -j ACCEPT
    -A OUTPUT -d 2.3.4.5 -m state --state NEW -p tcp --dport pop3 -o eth0 -j ACCEPT

As you can see, the rules above allow the system DNS access and access to web pages (http) and secure web pages (https).

3. The machine runs ssh and telnet.

To cover this condition we need to add the following lines to our firewall rule set:

    # The machine runs SSH and TELNET
    # (eth0 is the machine's only interface; ACCEPT is used because this
    # rule set defines no TCPACCEPT chain)
    -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT
    -A INPUT -i eth0 -p tcp --dport 23 -j ACCEPT

4. The apache user should not be allowed to surf the web.

    # Do not allow incoming or outgoing connections to web servers for apache (2.3.4.6)
    # (INPUT rules match the incoming interface with -i; -o is only valid for outgoing packets)
    -A INPUT -d 2.3.4.6 -m state --state NEW -p tcp --dport http -i eth0 -j REJECT
    -A INPUT -d 2.3.4.6 -m state --state NEW -p tcp --dport https -i eth0 -j REJECT
    -A OUTPUT -d 2.3.4.6 -m state --state NEW -p tcp --dport http -o eth0 -j REJECT
    -A OUTPUT -d 2.3.4.6 -m state --state NEW -p tcp --dport https -o eth0 -j REJECT

The lines above state that any incoming or outgoing packet for the user named apache, with IP address 2.3.4.6, is restricted for both regular web pages (http) and secure web pages (https).

Considering the above conditions, the final firewall script would be like this:

    *filter
    :INPUT DROP [0:0]
    :FORWARD DROP [0:0]
    :OUTPUT DROP [0:0]

    # allow local loopback connections
    # (the OUTPUT policy is DROP, so the outgoing half needs its own rule)
    -A INPUT -i lo -j ACCEPT
    -A OUTPUT -o lo -j ACCEPT

    # drop INVALID connections
    -A INPUT -m state --state INVALID -j DROP
    -A OUTPUT -m state --state INVALID -j DROP
    -A FORWARD -m state --state INVALID -j DROP

    # allow all established and related
    -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

    # allow connections to my ISP's DNS servers
    -A OUTPUT -d 2.3.4.10 -m state --state NEW -p udp --dport 53 -o eth0 -j ACCEPT
    -A OUTPUT -d 2.3.4.11 -m state --state NEW -p udp --dport 53 -o eth0 -j ACCEPT

    # allow outgoing connections to web servers
    -A OUTPUT -d 0/0 -m state --state NEW -p tcp --dport http -o eth0 -j ACCEPT
    -A OUTPUT -m state --state NEW -p tcp --dport https -o eth0 -j ACCEPT

    # allow outgoing mail connections to my ISP's SMTP and POP3 server only
    -A OUTPUT -d 2.3.4.5 -m state --state NEW -p tcp --dport smtp -o eth0 -j ACCEPT
    -A OUTPUT -d 2.3.4.5 -m state --state NEW -p tcp --dport pop3 -o eth0 -j ACCEPT

    # Do not allow incoming or outgoing connections to web servers for apache (2.3.4.6)
    -A INPUT -d 2.3.4.6 -m state --state NEW -p tcp --dport http -i eth0 -j REJECT
    -A INPUT -d 2.3.4.6 -m state --state NEW -p tcp --dport https -i eth0 -j REJECT
    -A OUTPUT -d 2.3.4.6 -m state --state NEW -p tcp --dport http -o eth0 -j REJECT
    -A OUTPUT -d 2.3.4.6 -m state --state NEW -p tcp --dport https -o eth0 -j REJECT

    # The machine runs SSH and TELNET
    -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT
    -A INPUT -i eth0 -p tcp --dport 23 -j ACCEPT

    # log all other attempted outgoing connections
    -A OUTPUT -o eth0 -j LOG
    # default is to DROP outgoing connections

    COMMIT

The above set of firewall rules is best suited to a home computer that runs Linux. Additional rules are added for more security.

References

Barry O'Donovan, "Firewalling with netfilter / iptables", June 2004, linuxgazette.net (Internet).
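
Two properties of the apache rules in the final script, shown with a small first-match model of the OUTPUT chain: they come after the general web ACCEPT rules, and they match destination address 2.3.4.6 rather than the local apache account. This is an added example, not part of the original essay; the owner-module rules, the sample packets and the helper names are assumptions.

```python
# Added example: simplified first-match model of an iptables OUTPUT chain.
SERVICES = {"http": 80, "https": 443}

# OUTPUT web rules in the order the final script lists them.
PAGE_ORDER = [
    "-A OUTPUT -d 0/0 -m state --state NEW -p tcp --dport http -o eth0 -j ACCEPT",
    "-A OUTPUT -m state --state NEW -p tcp --dport https -o eth0 -j ACCEPT",
    "-A OUTPUT -d 2.3.4.6 -m state --state NEW -p tcp --dport http -o eth0 -j REJECT",
    "-A OUTPUT -d 2.3.4.6 -m state --state NEW -p tcp --dport https -o eth0 -j REJECT",
]
# Assumed alternative: match the local account with the owner module and
# place the REJECT rules before the general web ACCEPT rules.
OWNER_FIRST = [
    "-A OUTPUT -m owner --uid-owner apache -p tcp --dport http -o eth0 -j REJECT",
    "-A OUTPUT -m owner --uid-owner apache -p tcp --dport https -o eth0 -j REJECT",
] + PAGE_ORDER[:2]

def parse(rule):
    """Split '-A CHAIN opt val opt val ...' into a dict of option -> value."""
    tokens = rule.split()[2:]
    return dict(zip(tokens[0::2], tokens[1::2]))

def matches(opts, pkt):
    """True when every match option agrees with the packet (unknown option: KeyError)."""
    tests = {
        "-d": lambda v: v == "0/0" or v == pkt["dst"],
        "-p": lambda v: v == pkt["proto"],
        "--dport": lambda v: int(SERVICES.get(v, v)) == pkt["dport"],
        "-o": lambda v: v == pkt["out"],
        "--state": lambda v: pkt["state"] in v.split(","),
        "--uid-owner": lambda v: v == pkt["uid"],
    }
    return all(tests[k](v) for k, v in opts.items() if k not in ("-m", "-j"))

def verdict(rules, pkt, policy="DROP"):
    """Return the target of the first matching rule, else the chain policy."""
    for rule in rules:
        opts = parse(rule)
        if matches(opts, pkt) and opts["-j"] != "LOG":  # LOG does not end traversal
            return opts["-j"]
    return policy

# Constructed sample packets: a new HTTP connection to a documentation address.
APACHE_PKT = {"dst": "198.51.100.7", "proto": "tcp", "dport": 80,
              "out": "eth0", "state": "NEW", "uid": "apache"}
USER_PKT = dict(APACHE_PKT, uid="alice")

for name, rules in (("page order", PAGE_ORDER), ("owner first", OWNER_FIRST)):
    print(name, verdict(rules, APACHE_PKT), verdict(rules, USER_PKT))
```

The owner match is only valid in the OUTPUT and POSTROUTING chains, because only locally generated packets have a socket owner.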